diff --git a/.changeset/neat-games-move.md b/.changeset/neat-games-move.md new file mode 100644 index 000000000..2dae7a7ae --- /dev/null +++ b/.changeset/neat-games-move.md @@ -0,0 +1,6 @@ +--- +'@openfn/lightning-mock': patch +'@openfn/ws-worker': patch +--- + +Update vulnerable version of jose diff --git a/packages/lightning-mock/package.json b/packages/lightning-mock/package.json index 369de25ee..501f67069 100644 --- a/packages/lightning-mock/package.json +++ b/packages/lightning-mock/package.json @@ -24,7 +24,7 @@ "@types/koa-logger": "^3.1.2", "@types/ws": "^8.5.6", "fast-safe-stringify": "^2.1.1", - "jose": "^4.14.6", + "jose": "^4.15.9", "koa": "^2.13.4", "koa-bodyparser": "^4.4.0", "koa-logger": "^3.2.1", diff --git a/packages/ws-worker/package.json b/packages/ws-worker/package.json index 30483fbfe..a286aa104 100644 --- a/packages/ws-worker/package.json +++ b/packages/ws-worker/package.json @@ -30,7 +30,7 @@ "fast-safe-stringify": "^2.1.1", "figures": "^5.0.0", "human-id": "^4.1.0", - "jose": "^4.14.6", + "jose": "^4.15.9", "koa": "^2.13.4", "koa-bodyparser": "^4.4.0", "koa-logger": "^3.2.1", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index af598fe53..3ec81dd73 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -505,8 +505,8 @@ importers: specifier: ^2.1.1 version: 2.1.1 jose: - specifier: ^4.14.6 - version: 4.14.6 + specifier: ^4.15.9 + version: 4.15.9 koa: specifier: ^2.13.4 version: 2.13.4 @@ -691,8 +691,8 @@ importers: specifier: ^4.1.0 version: 4.1.0 jose: - specifier: ^4.14.6 - version: 4.14.6 + specifier: ^4.15.9 + version: 4.15.9 koa: specifier: ^2.13.4 version: 2.13.4 @@ -5197,8 +5197,8 @@ packages: '@pkgjs/parseargs': 0.11.0 dev: true - /jose@4.14.6: - resolution: {integrity: sha512-EqJPEUlZD0/CSUMubKtMaYUOtWe91tZXTWMJZoKSbLk+KtdhNdcvppH8lA9XwVu2V4Ailvsj0GBZJ2ZwDjfesQ==} + /jose@4.15.9: + resolution: {integrity: sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==} dev: false /joycon@3.1.1: